Completed
Sender Constrained Access Tokens w
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
OAuth 2.1 and Beyond
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 High Security OAuth
- 3 Relevant Documents
- 4 OAuth 2.1
- 5 Rich Authorization Requests (RAR)
- 6 Example (2)
- 7 Example Authorization Request
- 8 JWT Secured Authorization Requests
- 9 Enabling JAR in IdentityServer
- 10 Pushed Authorization Requests PAR
- 11 Pushed Authorization Request & Respo
- 12 Authorization Request using request_
- 13 Shared Secrets
- 14 Recommendations
- 15 Sending a private_key_jwt
- 16 "Proof-of-Possession" History
- 17 Weakness of Bearer Tokens
- 18 Proof of Possession using MTLS
- 19 Mutual TLS
- 20 Sender Constrained Access Tokens w
- 21 Creating an X.509 Client Certificate
- 22 Setting a Client Certificate
- 23 Calling the Token Endpoint
- 24 MTLS Endpoints
- 25 Server Metadata
- 26 Choice of Web Server / Proxy
- 27 Example: Sub-domains with Nginx
- 28 Reading Certificate from Header
- 29 Certificate Authentication Handler
- 30 Enabling MTLS in IdentityServer
- 31 Verifying Access Token Ownership at Rese
- 32 Pipeline Overview
- 33 Summary